Memory based attacks are a significant threat to the security of information processing systems. Some such attacks involve storing malicious code, such as a virus or a worm, in the memory of a computer system, then exploiting bugs and/or buffer overflows while running legitimate programs to transfer control to the malicious code. Modern viruses and worms are thus able to breach the user/kernel boundary, causing widespread damage to the IT industry and other users of information processing systems. Security of information processing systems remains a complicated and important problem as intruders continue to develop new techniques to attack systems to cause damage, misappropriate information, or perform other unauthorized tasks.
One approach to preventing this type of attack is to include an “execute disable” bit in a page table entry that may be used to designate pages where data is stored as non-executable, so that malicious code could not be stored as data and subsequently executed within the same physical, linear or logical memory space. However, memory based attack techniques are becoming increasingly sophisticated, and additional approaches to preventing such attacks may be desired. This includes protections from buffer overflows that execute existing code or corrupt memory, malicious kernel or application components, rootkits, spyware, and computer viruses. It also includes protections from buggy code such as runaway pointers that corrupt data in other programs or subprograms within a linear address space.